Some people predicted a short shelf life for app wrapping, but it's become a valuable mobile application management option for companies that want to skip out on extra app development.

Application wrapping fills some important and unique roles in enterprise mobile security, and it won't be going away anytime soon.

The enterprise mobility management (EMM) industry realized early on that companies not only need to protect their corporate apps and data, but also respect the privacy and user experience of personal apps and data.

Several containerization technologies emerged to help find that balance. One way is for IT to deploy special apps that include its own enterprise management features. To help with this approach, many EMM vendors provide software development kits (SDKs) that enable apps to connect to their management platforms. But SDKs require advanced planning as well as extra skills and effort from developers.

App wrapping provides an alternative. Instead of building management hooks in from the beginning, app wrapping tools take existing apps and repackage them within a new shell app—the wrapper. IT can then sign and distribute the resulting apps just like any others.

App wrapping trade-offs required

The wrappers provide applications with everything they need to work in enterprise environments and connect to EMM platforms. As a result, wrapped apps will have features they previously lacked, including VPN connectivity, remote wipe capabilities, access and authentication controls and encryption. Wrappers can also apply security policies to control how apps interact with resources on host devices. For example, a company might want to block an app's access to location data or the camera, or to prevent the app from writing data to shared frameworks, such as a smartphone's contacts list.

Unlike SDKs, app wrapping takes the burden of securing an app off developers and ensures consistent management capabilities across all of the apps that a company uses.

App wrapping takes the burden of securing an app off developers and ensures consistent management capabilities.

One important caveat is that to wrap an app, the company must gain access to the app package itself as well as the right to redistribute it. Most app wrapping vendors and their customers take the position that the terms and conditions of public app stores prohibit redistribution, and do not wrap apps from those sources. A small number of vendors argue that it actually is acceptable to wrap apps from public app stores, which could eliminate some of the trade-offs around app wrapping, but it's not yet a mainstream idea that Apple or Google have publicly acknowledged.

For that reason, the best use case for app wrapping is not to rein in consumer apps, but to add management features to apps that companies acquire directly from enterprise-oriented developers or independent software vendors.

Will app wrapping last?

In the last two years, mobile application management controls built directly into mobile operating systems have emerged to challenge some app wrapping use cases. With the introduction of Apple iOS 7, Samsung Knox 2.0 and Google's Android for Work, IT can now apply management policies like data sharing restrictions or per-app virtual private networks directly to almost any app, whereas those features were previously available only through app wrapping or SDKs. Consequently, some analysts have predicted the death of app wrapping.

These newer OS-level controls have their own downsides, however. IT must be able to manage the entire device, which rules out these controls for many bring your own device scenarios. Plus, management policies are limited to whatever the host mobile OS supports, and enforcement is dependent on the security integrity of the host device. App wrapping can provide more diverse policies and a layer of security that isn't dependent on the device.

No single technology will work for all mobile application management use cases. App wrapping will continue to be relevant, and nothing will be able to completely replace having mobile app controls incorporated directly into apps.

Join the conversation

2 comments

Register

I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

Please check the box if you want to proceed.

I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

Your password has been sent to:

Please create a username to comment.

The idea of app wrapping sounds good and valid. However, our customers tell us that it is not reliable. They never know whether the wrapping will work. Also, as mentioned, they cannot just take any app from the app stores out there and wrap it. The developer, and also Apple, need to approve it. How would a developer be able to deliver support to apps that have been wrapped by someone else, and maybe not only wrapped by one tool but several ones from several vendors? Customers say, it can take days to a month until they have approval for their wrapped app. So, yes, it only makes sense to wrap an app where the customer owns the original app package. But then it is still not guaranteed that it will work.So, why taking all that burden if apps can be managed and hooked up with VPN profiles with the OS-built-in tools within minutes? Most devices are company-owned or COPE devices anyway. Businesses want to make sure they can wipe corporate data or set PW policies. In order to do so, an MDM profile is necessary. If an MDM profile is on the device then it is only a very small step to natively manage applications. Our customers love it! corporateserver.cortado.com